DevTest Cross-Scripting Vulnerability

Document ID : KB000074543
Last Modified Date : 22/03/2018
Show Technical Document Details
Issue:
One of our CA DEV TEST machines is gettint the following Vulnerability during the scans - CWE 79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). we are not sure if it is because of the DEV TEST or something else.
Environment:
All supported DevTest releases and platforms.
Resolution:
Please open a new support case and specify the following:

When reporting a vulnerability with DevTest, please open a support case and provide the following information:

1. What component you are having the vulnerability on.

2. If the vulnerability is on a deployed service, please provide the vsi and vsm.

3. Explain why this vulnerability makes your business vulnerable. This should be done for each vulnerability detected.

4. What is the scanning tool being used to detect the vulnerability?

5. Provide the actual scan which shows each vulnerability. 

6. Provide the CVE (Common Vulnerabilities and Exposures) with each vulnerability detected.